Cyber security awareness

This course will help you keep our systems and information safe.

Understanding Phishing

What is phishing?

Please watch the video before continuing. You will be asked questions about it.

Quiz on video content.

Drag and match the term and the description.
  • Spear phishing
    Targeted fraud using information about the victim such as known relationships, memberships, interests or work role.
  • Phishing
    Sending the same malicious fake message to many people.
  • Smishing
    Sending malicious SMS messages to phones.

Examples of phishing.

Malicious SMS example

This is an example of a malicious SMS message. The internet link in the SMS is not the correct link to the bank's website.

The malicious website steals account information.

Malicious emails.

Malicious emails can use company logos and be very convincing. Malicious emails could be posing as special offers, competitions, delivery notices, bank notices or accounts, electricity or telephone bills and invoices or statements.

Examples of malicious emails.

Warning signs.

Asking you to do something:

The email or SMS will be asking you to:

  1. open an internet link or attached document; or
  2. respond supplying personal information.

Prompts for personal details.

Following the link in the email or SMS takes you to a website that prompts for sensitive information such as your login details.

Could be from someone you know.

The email or SMS could be from someone you know because their account is compromised, their PC is virus infected or they are being impersonated.

Is the email unexpected or unusual?

Telephone the sender if in doubt.


Malicious emails will often pressure you into action by having a deadline.

Too good to be true

Malicious emails may offer prizes, rebates or special deals to entice you to open them.

Before you act on the email or SMS:

  1. Is it from someone you know?
  2. Is the email expected?
  3. It is unusual in any way?

If in doubt, either telephone the sender and check or forward the email to the ICT Helpdesk for checking.


  • I can trust emails from people I know.
  • Emails containing company logos are trustworthy.
  • Malicious emails will be asking me to do something. Either open a document, open an Internet link or reply with information.
Pick if the statement is true or false.

Pick what is suspicious.

Mouse click on what reveals this email is fake and then press Submit.


Thank you for completing the training. If you have any questions, please don't hesitate to ask ICT.